本文介绍了在Maven中生成Fortify报告的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在尝试使用Maven生成强化报告,我已经下载了Fortify360插件,并安装了Fortify-plugin-1.0,将其安装在我的存储库中,然后在我的配置文件中添加了依赖项,但是我无法生成我的Java源代码的强化报告(.fpr)文件.能否帮助我,我该怎么做??

I am trying to generate a fortify report using maven, I have downloaded the plug-in Fortify360, and fortify-plugin-1.0, installed it in my repository and then added the dependencies in my profile, But i am not able to generate a fortify report(.fpr)file of my java source code.Can you please help me with how can i do it??

推荐答案

Fortify提供了maven插件的源代码.您需要构建它

Fortify provides source code for maven plugin. You need to build it

第1步构建强化插件

打开命令提示符

cd %FORTIFY_INSTALLATION_DIRECTORY%\HP_FORTIFY\HP_Fortify_SCA_and_Apps_3.90\Samples\advanced\maven-plugin

mvn clean install

构建成功后,强化插件将出现在您的本地存储库中

After sucessful build fortify plugin will be present into your local repository

步骤2将强化源代码分析器依赖项添加到项目pom文件中

Step # 2 Add fortify source code analyzer dependency to your project pom file

<build>
        <plugins>
            <plugin>
                <groupId>com.fortify.ps.maven.plugin</groupId>
                <artifactId>sca-maven-plugin</artifactId>
                <version>3.90</version>

            </plugin>

        </plugins>

    </build>

注意-确保您确认强化扫描插件的版本

Note - Make sure you verify fortify scan plugin version

FORTIFY_INSTALLATION_DIRECTORY%\HP_FORTIFY\HP_Fortify_SCA_and_Apps_3.90\Samples\advanced\maven-plugin\pom.xml

步骤3创建.frp/报告文件

Step # 3 Create .frp / report file

mvn sca:translate
mvn sca:scan

这将在目标目录中生成强化扫描报告文件

This will generate fortify scan report file in the target directory

这篇关于在Maven中生成Fortify报告的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

06-30 06:11